OK here's a strange request that I think should be changed on ZClasses (bear
w/ me):

'View' permission should be disablable on a method of a ZClass.  Right now,
it forces 'View' to be mapped to 'View' if one tries to disable it.  The
reason is the event model that I am making available for ZClasses.  One such
event is the "onPropertyChange" which passes (self, propertysheet_id,
changes, REQUEST) to the ZClass method.  This is all well and good except
that the same method can be called TTW, and thus forged.  Worse yet, the
changes param could be forged so that the method has false params.
Disabling the method for TTW calling cleans everything up nicely.

Anybody have any thoughts?  Also, does anybody have any idea where it is
currently getting the default set... I can't seem to find it.

Thanks,
Tim

___________________________________________________________
Tim McLaughlin                                  BCSwebservices.net
Director, Technical Group               1950 Old Gallows Road
tel:  (703) 790.8081 x111               Suite 201
[EMAIL PROTECTED]          Vienna, VA 22182
www.bcswebservices.net


_______________________________________________
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )
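
The exposure described in the message above, as an added example that is not part of the original post and is not Zope code: a simplified Python model in which a publisher passes web-supplied form fields to any method the caller's role may view. The names Document, PropertySheet, publish and ttw_roles are assumptions made for the illustration.

```python
# Simplified model of through-the-web (TTW) publishing; not Zope's actual API.
class Unauthorized(Exception):
    pass

class PropertySheet:
    """Holds properties and fires the owner's onPropertyChange event on update."""
    def __init__(self, sheet_id, owner):
        self.id, self.owner, self.data = sheet_id, owner, {}

    def update(self, changes, request=None):
        self.data.update(changes)
        # Internal call: goes straight to the method, bypassing the publisher.
        self.owner.onPropertyChange(self.id, dict(changes), request)

class Document:
    # Hypothetical per-method permission map: method name -> roles allowed TTW.
    # An empty tuple models 'View' being disabled for that method.
    ttw_roles = {"onPropertyChange": ("Anonymous",)}

    def __init__(self):
        self.audit = []
        self.sheet = PropertySheet("basic", self)

    def onPropertyChange(self, propertysheet_id, changes, REQUEST=None):
        # The handler trusts that 'changes' describes a real update.
        self.audit.append((propertysheet_id, changes))

def publish(obj, method_name, role, form):
    """Toy publisher: call obj.method_name with web-supplied form fields."""
    if role not in obj.ttw_roles.get(method_name, ()):
        raise Unauthorized(method_name)
    return getattr(obj, method_name)(**form)

def demo():
    doc = Document()
    doc.sheet.update({"title": "real"})  # genuine event (constructed sample data)
    forged = {"propertysheet_id": "basic", "changes": {"title": "never set"}}
    publish(doc, "onPropertyChange", "Anonymous", forged)  # forged event is accepted
    exposed_audit = list(doc.audit)

    doc.ttw_roles = {"onPropertyChange": ()}  # 'View' disabled on the method
    try:
        publish(doc, "onPropertyChange", "Anonymous", forged)
        blocked = False
    except Unauthorized:
        blocked = True
    doc.sheet.update({"title": "real2"})  # internal dispatch still works
    return exposed_audit, blocked, doc.audit, doc.sheet.data
```

While the method is viewable, the audit trail records a change that was never applied to the property sheet; with no role mapped to it, the web call is refused and the internal event still fires.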
